Lucene search
K

1646 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/28 10:45 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of compressed request payloads before authorization...

7.1CVSS5.2AI score0.00296EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 9:13 p.m.13 views

CVE-2025-71309

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An issue with incorrect lock ordering between the inode mutex and page locks during compressed frame reading can lead to a deadlock. This vulnerability allows a local attacker to cause a system to hang, resulting in a Denial of Servi...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.14 views

CVE-2026-46179

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC Sound Open Firmware SOF subsystem. This vulnerability occurs when reporting the pointer for a compressed stream, where the I/O frame position is divided by values that can be zero if the stream...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 7:42 p.m.35 views

CVE-2026-42400 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization checks, causing excessive memory and CPU resource consumptio...

6.5CVSS0.00296EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 7:42 p.m.10 views

EUVD-2026-33030

Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization checks, causing excessive memory and CPU resource consumptio...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 3:43 p.m.12 views

RLSA-2026:19197 Low: python-jwcrypto security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS5.8AI score0.00294EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/05/28 3:43 p.m.12 views

python-jwcrypto security update

An update is available for python-jwcrypto. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

5.3CVSS5.8AI score0.00294EPSS
Exploits1
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.5CVSS0.00122EPSS
Exploits0References6
OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.31 views

CVE-2026-46179 ASoC: SOF: Don't allow pointer operations on unconfigured streams

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

0.00122EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.7AI score0.00122EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.25 views

CVE-2026-46179

In CVE-2026-46179, the Linux kernel ASoC SOF subsystem is vulnerable to a divide-by-zero when reporting the pointer for a compressed stream if stream parameters are unconfigured. The bug arises from dividing the I/O frame position by (channels × container bytes), which defaults to zero until stre...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:11 a.m.9 views

slip: bound decode() reads against the compressed packet length

...

8.2CVSS6.5AI score0.00278EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.9 views

PT-2026-44511

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description Uncontrolled Resource Consumption in Kibana can lead to a denial of service through excessive allocation. An authenticated user can send a specially crafted compressed request payload that is...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:16 p.m.6 views

UBUNTU-CVE-2025-71309

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...

5.7CVSS5.7AI score0.00106EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:24 p.m.23 views

CVE-2025-71311

The CVE-2025-71311 entry affects the Linux kernel fs/ntfs3 subsystem. The vulnerability arises when new folios (memory pages) are allocated for NTFS3 without being marked uptodate, and ni_read_frame() is skipped because the caller expects a frame to be fully overwritten; this can leave parts of f...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/27 11:16 a.m.5 views

UBUNTU-CVE-2026-45843

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

8.2CVSS5.7AI score0.00278EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/27 9:24 a.m.12 views

CVE-2026-45843

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

8.2CVSS5.7AI score0.00278EPSS
Exploits0
CVE
CVE
added 2026/05/27 9:24 a.m.39 views

CVE-2026-45843

CVE-2026-45843 affects the Linux kernel’s SLIP/VJ-compressed TCP header handling (slip and slhc_uncompress). The vulnerability stems from decode() and pull16() not enforcing bounds against the packet end, and decode() masking its return value to 0xFFFF, causing potential over-reads when a compres...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder